DNT 1013 DATA COMMUNICATIONS
CHAPTER 5: TRANSPORT LAYER
Prepared By: Mdm Noor Suhana Bt Sulaiman, FKMT-NT, TATiUC
PROCESS TO PROCESS DELIVERY: TCP, UDP, SCTP
Transport Layer
Our goals:
• understand principles behind transport layer services:
  • multiplexing/demultiplexing
  • reliable data transfer
  • flow control
  • congestion control
• learn about transport layer protocols in the Internet:
  • UDP: connectionless transport
  • TCP: connection-oriented transport
  • TCP congestion control
Transport services and protocols
• provide logical communication between app processes running on different hosts
• transport protocols run in end systems
  • send side: breaks app messages into segments, passes to network layer
  • receive side: reassembles segments into messages, passes to app layer
• more than one transport protocol available to apps
  • Internet: TCP and UDP
[Figure: two end hosts with full application / transport / network / data link / physical stacks; the routers between them implement only network / data link / physical. The transport layer provides logical end-to-end transport between the two hosts.]
Transport vs. Network Layer
• network layer: logical communication between hosts
  • PDU: datagram
  • datagrams may be lost, duplicated or reordered in the Internet: “best effort” service
• transport layer: logical communication between processes
  • relies on, and enhances, network layer services
  • PDU: segment
  • extends “host-to-host” communication to “process-to-process” communication
Multiplexing/Demultiplexing
• Use the same communication channel between hosts for several logical communication processes (e.g. HTTP, FTP and Telnet sharing one pair of hosts)
• How does Mux/DeMux work?
• Sockets: doors between process & host
  • UDP socket: (dest. IP, dest. port)
  • TCP socket: (src. IP, src. port, dest. IP, dest. port)
[Figure: HTTP, FTP and Telnet processes on one host are multiplexed through its transport layer onto the network layer, and demultiplexed back to the matching processes on the peer host.]
Connectionless demux
• UDP socket identified by two-tuple: (dest IP address, dest port number)
• When host receives UDP segment:
  • checks destination port number in segment
  • directs UDP segment to socket with that port number
• IP datagrams with different source IP addresses and/or source port numbers are directed to the same socket
  • the source address plays no part in the lookup, so a UDP service that cares who sent a datagram has to check the source itself
Connection-oriented demux
• TCP socket identified by 4-tuple:
  • source IP address
  • source port number
  • dest IP address
  • dest port number
• receiving host uses all four values to direct segment to appropriate socket
• Server host may support many simultaneous TCP sockets:
  • each socket identified by its own 4-tuple
• Web servers have different sockets for each connecting client
  • non-persistent HTTP will have a different socket for each request
UDP: User Datagram Protocol • Why use UDP? • No connection establishment cost (critical for some applications, e.g., DNS) • No connection state • Small segment headers (only 8 bytes) • Finer application control over data transmission
UDP (continued)
• often used for streaming multimedia apps
  • loss tolerant
  • rate sensitive
• other UDP uses: DNS, SNMP
• reliable transfer over UDP: add reliability at application layer
  • application-specific error recovery!
UDP segment structure (32 bits wide):
  source port #  |  dest port #
  length         |  checksum
  Application data (message)
• length: length in bytes of the UDP segment, including the 8-byte header
UDP checksum
Goal: detect “errors” (e.g., flipped bits) in transmitted segment
Sender:
• treat segment contents as a sequence of 16-bit integers
• checksum: addition (1’s complement sum) of segment contents
• sender puts checksum value into UDP checksum field
Receiver:
• compute checksum of received segment
• check if computed checksum equals checksum field value:
  • NO - error detected
  • YES - no error detected (but errors may still be present: the checksum catches random bit flips, not every corruption, and anyone who can alter the segment can simply recompute it)
Internet Checksum Example
• Note: when adding numbers, a carry-out from the most significant bit needs to be added to the result
• Example: add two 16-bit integers

               1 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0
             + 1 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1
             ----------------------------------
  wraparound 1 1 0 1 1 1 0 1 1 1 0 1 1 1 0 1 1
             ----------------------------------
  sum          1 0 1 1 1 0 1 1 1 0 1 1 1 1 0 0
  checksum     0 1 0 0 0 1 0 0 0 1 0 0 0 0 1 1

• Weak error protection? Why is it useful?
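The arithmetic above, carried through for a whole UDP segment, as an added example (this code is not part of the lecture slides). It implements the 1's complement sum with end-around carry, the IPv4 pseudo-header that UDP covers in addition to its own bytes, the sender's "0 means no checksum, send all-ones instead" rule, and the receiver's check. The addresses, ports and payloads are constructed for illustration. The last lines answer the slide's question: the checksum is cheap and catches random bit flips, but swapping two 16-bit words leaves it unchanged, and it is no defence against a deliberate modification.

```python
"""Internet checksum (RFC 1071) as used by UDP, plus the IPv4 pseudo-header.

Added example, not from the lecture slides. Addresses, ports and payloads below
are constructed for illustration.
"""
import socket
import struct


def ones_complement_sum(data: bytes) -> int:
    """1's complement sum of 16-bit big-endian words with end-around carry."""
    if len(data) % 2:
        data += b"\x00"                              # odd length: pad with a zero byte
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)     # add the carry-out back in
    return total


def internet_checksum(data: bytes) -> int:
    """Value for the checksum field: the 1's complement of the sum."""
    return (~ones_complement_sum(data)) & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """IPv4 pseudo-header that UDP covers in addition to its own segment (RFC 768)."""
    return struct.pack("!4s4sBBH", socket.inet_aton(src_ip),
                       socket.inet_aton(dst_ip), 0, socket.IPPROTO_UDP, udp_len)


def build_udp(src_ip: str, dst_ip: str, src_port: int, dst_port: int,
              payload: bytes) -> bytes:
    """Sender side: build a UDP segment with a correct checksum."""
    udp_len = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, udp_len, 0)   # field zeroed while summing
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, udp_len) + header + payload)
    if csum == 0:
        csum = 0xFFFF        # 0 on the wire means "no checksum", so send all-ones instead
    return struct.pack("!HHHH", src_port, dst_port, udp_len, csum) + payload


def udp_checksum_ok(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """Receiver side: the sum over pseudo-header + whole segment (checksum field
    included) must come out as all ones, otherwise an error was detected."""
    if len(segment) < 8:
        return False
    udp_len, field = struct.unpack("!HH", segment[4:8])
    if udp_len != len(segment):
        return False
    if field == 0:
        return True          # sender disabled the checksum (permitted over IPv4 only)
    return ones_complement_sum(pseudo_header(src_ip, dst_ip, udp_len) + segment) == 0xFFFF


if __name__ == "__main__":
    # The two 16-bit integers from the slide: 0xE666 + 0xD555.
    print(hex(ones_complement_sum(bytes.fromhex("e666d555"))))   # 0xbbbc
    print(hex(internet_checksum(bytes.fromhex("e666d555"))))     # 0x4443
    seg = build_udp("192.0.2.10", "192.0.2.53", 40000, 53, b"\x12\x34\x56\x78")
    swapped = build_udp("192.0.2.10", "192.0.2.53", 40000, 53, b"\x56\x78\x12\x34")
    print(udp_checksum_ok("192.0.2.10", "192.0.2.53", seg))       # True
    print(seg[6:8] == swapped[6:8])                               # True: reordered words go unnoticed
```

Because the receiver's check is `sum == 0xFFFF` over data that already contains the checksum, it never needs to extract and compare the field separately; that is why the sender must avoid transmitting a literal 0 in it.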
What is SCTP?
• SCTP (Stream Control Transmission Protocol): originally designed to carry PSTN signaling messages over IP networks
• Similar to TCP and UDP:
  • transport layer
  • reliable / unreliable transmission
  • congestion control
  • ordered / unordered transmission
SCTP Feature Summary
• Start with TCP:
  • reliable (retransmissions)
  • congestion controlled
  • connection oriented
• Add:
  • 4-way handshake to reduce vulnerability to DoS attacks (the server commits no resources until the client echoes the cookie it received in INIT-ACK)
  • framing: preserve message boundaries
  • multistreaming: instead of one ordered stream, up to 64K independent ordered streams
  • multihoming: instead of one IP address per endpoint, a set of IP addresses per endpoint
SYN flood • A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system. • When a client attempts to start a TCP connection to a server, the client and server exchange a series of messages which normally runs like this: • The client requests a connection by sending a SYN (synchronize) message to the server. • The server acknowledges this request by sending SYN-ACK back to the client. • The client responds with an ACK, and the connection is established.
SYN Flooding Attack
[Figure: attackers at 130.2.4.15, 128.3.4.5, 228.3.14.5, 192.10.2.8, 190.13.4.1 and 221.3.5.10 each send a SYN to the victim; the victim allocates a TCB for every one of them and ends up flooded, its reserved resources unavailable.]
• There is no ACK in response to the SYN-ACK, hence the connection remains half-open
• Other genuine clients cannot open connections to the victim
• The victim is unable to provide service
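The two handshakes side by side, as an added example (not from the lecture slides): a listener that allocates a TCB on every SYN, as in the figure, versus one that keeps no state until the peer proves it received the SYN-ACK. The second model is the idea behind both TCP SYN cookies and the cookie in SCTP's 4-way handshake (INIT, INIT-ACK with cookie, COOKIE-ECHO, COOKIE-ACK); it is simplified here to an HMAC over the connection tuple and is not a byte-exact implementation of either protocol. The addresses, ports, backlog size and attacker count are constructed.

```python
"""SYN flood against a stateful TCP listener versus a cookie-based handshake.

Added example, not from the lecture slides. Addresses, ports, the backlog size
and the attacker count are constructed; the cookie scheme is a simplified
SYN-cookie / SCTP-style state cookie, not a byte-exact protocol implementation.
"""
import hashlib
import hmac
import os

MASK32 = 0xFFFFFFFF
Client = tuple   # (ip, port)


class StatefulListener:
    """Classic TCP: a TCB is allocated when the SYN arrives and held until the ACK."""

    def __init__(self, backlog: int = 8):
        self.backlog = backlog
        self.half_open = {}          # client -> server ISN (the TCB we reserved)
        self.established = set()

    def on_syn(self, client: Client, client_isn: int):
        if len(self.half_open) >= self.backlog:
            return None                # backlog full: the SYN is dropped
        server_isn = int.from_bytes(os.urandom(4), "big")
        self.half_open[client] = server_isn
        return ("SYN-ACK", server_isn, (client_isn + 1) & MASK32)

    def on_ack(self, client: Client, seq: int, ack: int) -> bool:
        server_isn = self.half_open.get(client)
        if server_isn is None or ack != (server_isn + 1) & MASK32:
            return False
        del self.half_open[client]
        self.established.add(client)
        return True


class CookieListener:
    """Keeps no per-connection state until the peer proves it can receive at its
    claimed address: the server ISN is a MAC over the connection tuple (TCP SYN
    cookies); SCTP's INIT-ACK carries an equivalent signed cookie."""

    def __init__(self):
        self.key = os.urandom(32)    # per-host secret, rotated in real deployments
        self.established = set()

    def cookie(self, client: Client, client_isn: int) -> bytes:
        msg = f"{client[0]}|{client[1]}|{client_isn}".encode()
        return hmac.new(self.key, msg, hashlib.sha256).digest()[:4]

    def on_syn(self, client: Client, client_isn: int):
        server_isn = int.from_bytes(self.cookie(client, client_isn), "big")
        return ("SYN-ACK", server_isn, (client_isn + 1) & MASK32)   # nothing stored

    def on_ack(self, client: Client, seq: int, ack: int) -> bool:
        client_isn = (seq - 1) & MASK32                  # recover what the SYN carried
        claimed = ((ack - 1) & MASK32).to_bytes(4, "big")
        if not hmac.compare_digest(claimed, self.cookie(client, client_isn)):
            return False                                 # forged or stale ACK
        self.established.add(client)
        return True


def syn_flood(listener, count: int) -> None:
    """Spoofed SYNs from addresses that will never answer the SYN-ACK."""
    for i in range(count):
        listener.on_syn((f"203.0.113.{i % 250 + 1}", 10000 + i), (i * 7919) & MASK32)


def legit_connect(listener, client: Client = ("198.51.100.7", 51000),
                  client_isn: int = 12345) -> bool:
    """A well-behaved client completing the three-way handshake."""
    reply = listener.on_syn(client, client_isn)
    if reply is None:
        return False                  # SYN dropped: the backlog was full
    _, server_isn, _ = reply
    return listener.on_ack(client, (client_isn + 1) & MASK32, (server_isn + 1) & MASK32)


if __name__ == "__main__":
    for cls in (StatefulListener, CookieListener):
        srv = cls()
        syn_flood(srv, 1000)
        print(cls.__name__, "accepts legitimate client:", legit_connect(srv))
```

The price of the stateless variant is visible in `on_ack`: everything the server wants to remember about the connection has to be recoverable from the ACK (or, for SCTP, carried back inside the echoed cookie), which is why TCP SYN cookies encode only a few bits of options into the ISN.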
Message Boundaries • UDP honors message boundaries • Each app message becomes a datagram • TCP does not honor message boundaries • App messages become part of a byte stream • SCTP maintains message boundaries • Each app message is maintained as one or more data chunks
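What "TCP does not honor message boundaries" means in practice, as an added example that is not part of the lecture slides: a model of a stream transport that hands bytes to `recv()` in arbitrary pieces, the length-prefix framing an application has to add on top of it, and a parser that reassembles messages no matter where the cuts land. The messages and cut offsets are constructed; real TCP segments the stream wherever it likes, which is the point.

```python
"""Message boundaries: a byte stream (TCP) versus datagrams (UDP/SCTP).

Added example, not from the lecture slides. The messages and the places where
the stream is cut are constructed.
"""
import struct
from typing import List


def deliver(raw: bytes, cuts: List[int]) -> List[bytes]:
    """Model a stream transport: hand the bytes to the receiver in chunks cut at
    arbitrary offsets, exactly as recv() on a TCP socket may do."""
    chunks, start = [], 0
    for cut in sorted(cuts) + [len(raw)]:
        if cut > start:
            chunks.append(raw[start:cut])
            start = cut
    return chunks


def frame(msg: bytes) -> bytes:
    """Application-layer framing: 2-byte big-endian length prefix."""
    if len(msg) > 0xFFFF:
        raise ValueError("message too long for a 16-bit length prefix")
    return struct.pack("!H", len(msg)) + msg


class StreamParser:
    """Reassembles length-prefixed messages from arbitrarily chunked stream data.

    The partial-message buffer is bounded by the prefix width (64 KiB + 2), so
    a peer cannot make the receiver hold an unbounded half-received message."""

    def __init__(self):
        self.buf = bytearray()

    def feed(self, chunk: bytes) -> List[bytes]:
        self.buf += chunk
        messages = []
        while len(self.buf) >= 2:
            (length,) = struct.unpack("!H", self.buf[:2])
            if len(self.buf) < 2 + length:
                break                          # wait for the rest of this message
            messages.append(bytes(self.buf[2:2 + length]))
            del self.buf[:2 + length]
        return messages


def receive_stream(chunks: List[bytes]) -> List[bytes]:
    """Feed every chunk a stream transport delivered into one parser."""
    parser = StreamParser()
    out = []
    for c in chunks:
        out.extend(parser.feed(c))
    return out


if __name__ == "__main__":
    msgs = [b"GET /a", b"GET /b", b"x" * 300]
    # Stream transport without framing: recv() returns pieces that are not messages.
    print(deliver(b"".join(msgs), [4, 9]))
    # Stream transport with framing: the parser recovers the original messages
    # even when a cut lands inside a length prefix (offset 1 here).
    stream = b"".join(frame(m) for m in msgs)
    print(receive_stream(deliver(stream, [1, 3, 13, 200])) == msgs)
```

With UDP or SCTP each `recv()` already returns one application message, so the framing layer is unnecessary there; over TCP, a parser that assumes one `recv()` equals one message works in testing and fails the first time the network segments the stream differently.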
Chunks in SCTP
[Figure: an SCTP PDU is a common header followed by one or more chunks.]
• Building blocks of an SCTP PDU
• Two kinds – control chunks and data chunks
• data chunks are smallest atomic data units
SCTP Chunk Format • Type – e.g. Data, Init, SACK • Flags – bit meanings depend on type • Length – includes type, flags, length, and data/parameters
Chunk Bundling in SCTP
[Figure: one SCTP PDU = common header followed by several bundled chunks.]
• Multiple chunks in one SCTP PDU
• Control chunks bundled before data chunks
• Chunk boundary cannot cross SCTP PDU boundary
• Optional at sender, but receiver has to support
CONGESTION CONTROL & QUALITY of SERVICE
What is congestion? Impact of congestion
• Packet queues at links start to grow…
• Packets start dropping
• Sources start re-transmitting
• After a while only re-transmissions occupy the network
• Network resources start getting utilized in useless work (packets in queues that get timed out and re-transmitted)
• “Goodput” goes to nearly zero
[Figure: goodput versus offered load; goodput rises with load up to the maximum capacity, then collapses.]
Congestion controls try to avoid getting into this situation
Congestion Control • What is congestion control? • How is it done in example networks ? • Bus LAN • Switched LANs • Internet • Telephone network
Congestion control • Is done in some form at all layers • Flow control between source and destination • Network layer congestion control is still needed. (Why?) • Can be done at various time-scales
Congestion control and QoS • Pre-QoS: Everything “best-effort” • E.g. TCP/IP networks, congestion control is left to TCP, i.e. TCP is a “well-behaved” source, that adapts to congestion • Post QoS-Integrated Services: Congestion control should be different for different sources • Different for file-transfer/e-mail • Different for real-time-sensitive apps, e.g. voice, video • Different based on what type of coding is used for these apps
Quality of Service • Quality parameters that define the performance needs of a “flow” (i.e. a stream of packets belonging to a particular connection) • Reliability – Probability of delivering packets correctly • Delay • Jitter – Variation in Packet delay • Bandwidth
Jitter Control (a) High jitter. (b) Low jitter.
Buffering Smoothing the output stream by buffering packets.
General Principles of Congestion Control • Monitor the system . • detect when and where congestion occurs. • Pass information to where action can be taken. • Adjust system operation to correct the problem.
Congestion control time-scales
• Long term: network resource provisioning (sizing the network correctly)
• Connection duration: connection (call) admission control; in connection-oriented networks, decide whether to admit a connection or not
• Round-trip propagation time: explicit forward congestion signaling
• Packet insertion level: traffic shaping, policing, selective discarding
Congestion Prevention Policies
Policies that affect congestion (Fig. 5-26).
Routing around congestion (a) A congested subnet. (b) A redrawn subnet, eliminates congestion and a virtual circuit from A to B.
Implicit Congestion Signaling • Transmission delay may increase with congestion • Packet may be discarded • Source can detect these as implicit indications of congestion • Useful on connectionless (datagram) networks • e.g. IP based • (TCP includes congestion and flow control)
Congestion Signaling
• Network alerts end systems of increasing congestion
• End systems take steps to reduce offered load
• Backwards: the notification travels in the direction opposite to the packets that need to be throttled, i.e. back towards their source
• Forwards: the notification travels in the same direction as those packets, on towards their destination
Backward Notification • Mark packets headed in the opposite direction of the congestion • Tell source that packets transmitted on this logical connection may encounter congestion • Source can slow down
Forward notification • Marks packets going in the direction of congestion • Tells the destination that these packets experienced congestion • Destination may alert source about congestion • At network layer • At transport layer
Categories of Explicit Signaling • Binary • A bit set in a packet indicates congestion • Credit based • Indicates how many packets source may send • Common for end to end flow control • Rate based • Supply explicit data rate limit • e.g. ATM
“Load Shedding” • Drop packets when buffers are full • Router can try to drop intelligently • Dropping older packets is better for multimedia streaming apps • Dropping newer packets is better for data apps (e.g. file transfer). • Receiver may discard out-of-order packets
Random Early Detect • Drop packets before buffers are full, so prevent congestion before it occurs • Sources will react to packet drops and slow down (e.g. TCP)
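RED as a small simulation, added here as an example that is not part of the lecture slides. One output queue is driven with an offered load of 3 packets per tick against a link that serves 2, first with plain tail drop and then with RED's probabilistic early drop on the exponentially weighted average queue length. The thresholds, queue weight and load pattern are constructed so the effect shows within a few hundred ticks; production values are tuned to link speed and round-trip time.

```python
"""Random Early Detection (RED) versus plain tail drop.

Added example, not from the lecture slides. Thresholds, the queue weight and
the arrival/service pattern are constructed for illustration.
"""
import random
from collections import deque


class Router:
    """One output queue. With use_red=True packets are dropped probabilistically
    once the *average* queue length passes min_th, before the buffer fills."""

    def __init__(self, capacity=20, min_th=5, max_th=12, max_p=0.1, w_q=0.1,
                 use_red=True, seed=1):
        self.capacity, self.min_th, self.max_th = capacity, min_th, max_th
        self.max_p, self.w_q, self.use_red = max_p, w_q, use_red
        self.rng = random.Random(seed)       # seeded so runs are reproducible
        self.queue = deque()
        self.avg = 0.0
        self.stats = {"delivered": 0, "early_drop": 0, "tail_drop": 0, "max_queue": 0}

    def drop_probability(self, avg: float) -> float:
        """RED's piecewise-linear drop curve on the average queue length."""
        if avg < self.min_th:
            return 0.0
        if avg >= self.max_th:
            return 1.0
        return self.max_p * (avg - self.min_th) / (self.max_th - self.min_th)

    def enqueue(self, pkt) -> bool:
        # exponentially weighted moving average, updated on every arrival
        self.avg = (1 - self.w_q) * self.avg + self.w_q * len(self.queue)
        if len(self.queue) >= self.capacity:
            self.stats["tail_drop"] += 1     # buffer genuinely full
            return False
        if self.use_red and self.rng.random() < self.drop_probability(self.avg):
            self.stats["early_drop"] += 1    # signal congestion while there is still room
            return False
        self.queue.append(pkt)
        self.stats["max_queue"] = max(self.stats["max_queue"], len(self.queue))
        return True

    def dequeue(self):
        if self.queue:
            self.stats["delivered"] += 1
            return self.queue.popleft()
        return None


def simulate(use_red: bool, ticks: int = 300, arrivals: int = 3, services: int = 2) -> dict:
    """Offered load of `arrivals` packets/tick against a link serving `services`/tick."""
    r = Router(use_red=use_red)
    for t in range(ticks):
        for i in range(arrivals):
            r.enqueue((t, i))
        for _ in range(services):
            r.dequeue()
    return r.stats


if __name__ == "__main__":
    print("tail drop:", simulate(use_red=False))
    print("RED:      ", simulate(use_red=True))
```

Tail drop lets the queue sit at capacity and drops whole bursts at once, which is what synchronises TCP sources; RED spreads the drops out in time and across flows while the buffer still has headroom, so the sources back off before the queue is full.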
Issues to be addressed in broadband multi-service networks • Sources may not be doing flow control (voice, video) • Feedback is slow, (propagation time much greater compared to transmission time) • Diverse capacity requirements – may get penalized unfairly • Traffic patterns very different • Vastly different QoS requirements • Very high speed network wide fluctuations in reactive controls
Controlling Sources • Connection admission control • Based on some traffic descriptors, determine whether this connection can be admitted • Traffic Shaping • Make sure the traffic has certain performance attribute (shape) e.g. not bursty • Traffic Policing • Make sure traffic sent by user is according to contract done during connection admission
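Shaping and policing against the same (rate, burst) contract, as an added example that is not from the lecture slides. Both use a token bucket; the policer drops out-of-contract packets on the spot, the shaper holds them until enough tokens have accumulated. The contract (1000 bytes/s, 2000-byte burst) and the packet trace are constructed.

```python
"""Token-bucket traffic policing and shaping against a (rate, burst) contract.

Added example, not from the lecture slides. The contract and the packet trace
are constructed; sizes are bytes, times are seconds.
"""
from typing import List, Tuple

Packet = Tuple[float, int]   # (arrival time in seconds, size in bytes)


class TokenBucket:
    """Bucket fills at `rate` bytes/s up to `burst` bytes; a packet conforms if
    enough tokens are present at the moment it is checked."""

    def __init__(self, rate: float, burst: int):
        self.rate, self.burst = rate, burst
        self.tokens = float(burst)        # start full: an initial burst is allowed
        self.last = 0.0

    def refill(self, now: float) -> None:
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now

    def try_consume(self, now: float, size: int) -> bool:
        self.refill(now)
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False


def police(packets: List[Packet], rate: float, burst: int) -> List[bool]:
    """Policer: out-of-contract packets are dropped (or marked), never delayed."""
    tb = TokenBucket(rate, burst)
    return [tb.try_consume(t, size) for t, size in packets]


def shape(packets: List[Packet], rate: float, burst: int) -> List[float]:
    """Shaper: out-of-contract packets are held until enough tokens have
    accumulated; returns the release time of each packet, in arrival order."""
    tb = TokenBucket(rate, burst)
    releases, next_free = [], 0.0
    for t, size in packets:
        release = max(t, next_free)       # FIFO: never reorder
        tb.refill(release)
        if size > tb.tokens:
            release += (size - tb.tokens) / rate   # wait for the missing tokens
            tb.refill(release)
        tb.tokens -= size
        releases.append(release)
        next_free = release
    return releases


if __name__ == "__main__":
    # Constructed trace: ten 500-byte packets in one burst at t=0, against a
    # contract of 1000 bytes/s with a 2000-byte burst allowance.
    burst_at_zero = [(0.0, 500)] * 10
    print(police(burst_at_zero, 1000, 2000))   # first four pass, the rest are dropped
    print(shape(burst_at_zero, 1000, 2000))    # later packets are spaced 0.5 s apart
```

The policer is what a network operator runs at the ingress to enforce the contract agreed at admission; the shaper is what a well-behaved source (or a border device) runs on its own traffic so that the policer never has to drop anything. Run the shaped trace through `police` and every packet conforms.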